Pengfei Wu (School of Computing, National University of Singapore), Jianting Ning (College of Computer and Cyber Security, Fujian Normal University; Institute of Information Engineering, Chinese Academy of Sciences), Jiamin Shen (School of Computing, National University of Singapore), Hongbing Wang (School of Computing, National University of Singapore), Ee-Chien Chang (School of Computing, National University of Singapore)

Trusted execution environment (TEE) such as Intel SGX relies on hardware protection and can perform secure multi-party computation (MPC) much more efficiently than pure software solutions. However, multiple side-channel attacks have been discovered in current implementations, leading to various levels of trust among different parties. For instance, a party might assume that an adversary is unable to compromise TEE, while another might only have a partial trust in TEE or even does not trust it at all. In an MPC scenario consisting of parties with different levels of trust, one could fall back to pure software solutions. While satisfying the security concerns of all parties, those who accept TEE would not be able to enjoy the benefit brought by it.

In this paper, we study the above-mentioned scenario by proposing HybrTC, a generic framework for evaluating a function in the emph{hybrid trust} manner. We give a security formalization in universal composability (UC) and introduce a new cryptographic model for the TEEs-like hardware, named emph{multifaceted trusted hardware} $mathcal{F}_{TH}$, that captures various levels of trust perceived by different parties. To demonstrate the relevance of the hybrid setting, we give a distributed database scenario where a user completely or partially trusts different TEEs in protecting her distributed query, whereas multiple servers refuse to use TEE in protecting their sensitive databases. We propose a maliciously-secure protocol for a typical select-and-join query in the multi-party setting. Experimental result has shown that on two servers with $2^{20}$ records in datasets, and with a quarter of records being selected, only 165.82s is incurred which achieves more than $18,752.58times$ speedups compared to cryptographic solutions.

View More Papers

Let’s Authenticate: Automated Certificates for User Authentication

James Conners (Brigham Young University), Corey Devenport (Brigham Young University), Stephen Derbidge (Brigham Young University), Natalie Farnsworth (Brigham Young University), Kyler Gates (Brigham Young University), Stephen Lambert (Brigham Young University), Christopher McClain (Brigham Young University), Parker Nichols (Brigham Young University), Daniel Zappala (Brigham Young University)

Read More

Speeding Dumbo: Pushing Asynchronous BFT Closer to Practice

Bingyong Guo (Institute of Software, Chinese Academy of Sciences), Yuan Lu (Institute of Software Chinese Academy of Sciences), Zhenliang Lu (The University of Sydney), Qiang Tang (The University of Sydney), jing xu (Institute of Software, Chinese Academy of Sciences), Zhenfeng Zhang (Institute of Software, Chinese Academy of Sciences)

Read More

NC-Max: Breaking the Security-Performance Tradeoff in Nakamoto Consensus

Ren Zhang (Nervos), Dingwei Zhang (Nervos), Quake Wang (Nervos), Shichen Wu (School of Cyber Science and Technology, Shandong University), Jan Xie (Nervos), Bart Preneel (imec-COSIC, KU Leuven)

Read More

Preventing Kernel Hacks with HAKCs

Derrick McKee (Purdue University), Yianni Giannaris (MIT CSAIL), Carolina Ortega (MIT CSAIL), Howard Shrobe (MIT CSAIL), Mathias Payer (EPFL), Hamed Okhravi (MIT Lincoln Laboratory), Nathan Burow (MIT Lincoln Laboratory)

Read More